#! perl -slw
use strict;
use Win32::Process;
use Win32::API::Prototype;

$|++;

ApiLink(
	'kernel32',
	'BOOL GetProcessTimes(
		HANDLE hProcess,
		LPFILETIME lpCreationTime,
		LPFILETIME lpExitTime,
		LPFILETIME lpKernelTime,
		LPFILETIME lpUserTime
	)'
) or die $^E;

ApiLink(
	'kernel32',
	'HANDLE OpenProcess(
  		DWORD dwDesiredAccess,
  		BOOL bInheritHandle,
  		DWORD dwProcessId
	)'
) or die $^E;

ApiLink(
	'kernel32',
	'BOOL FileTimeToSystemTime(
		FILETIME* lpFileTime,
	  	LPSYSTEMTIME lpSystemTime
	)'
) or die $^E;

sub SystemTimeToString{
	my( $y, $M, $dow, $d, $h, $m, $s, $milli ) = unpack 's8', $_[ 0 ];
#	$dow  = (qw[ Sunday Monday Tuesday Wednesday Thursday Friday Saturday ])[$dow];
#	$d = ( qw[ undef Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ] )[ $d ];
	return "$y/$M/$d $h:$m:$s.$milli";
}

Win32::Process::Create(
	   my $pObj,
	   "C:\\windows\\system32\\notepad.exe",
	   "notepad temp.txt",
	   0,
	   NORMAL_PRIORITY_CLASS,
	   "."
) or die $^E;

print 'Paused'; <>;

my $pid = $pObj->GetProcessID;
print "pid: $pid";

my $hProc = OpenProcess( 0x0400, 1, $pid ) or die $^E;
print "hproc: $hProc";

my( $c, $e, $k, $u ) = ('0'x8) x 4;
my( $cs, $es ) = ('0'x16) x 2;

GetProcessTimes( $hProc, $c, $e, $k, $u ) or die $^E;

FileTimeToSystemTime( $c, $cs ) or die $^E;
print 'Process created: ', SystemTimeToString( $cs );

FileTimeToSystemTime( $e, $es ) or die $^E;
print 'Process   ended: ', SystemTimeToString( $es );


printf '%7.5f %7.5f', map{ unpack( 'Nx[N]', $_ ) / 10e8 }$k, $u;

__END__
P:\test>326090
Paused

pid: 3616
hproc: 72
Process created: 2004/2/3 4:53:50.390
Process   ended: 2004/2/3 4:53:50.796
0.00000 15.16372